Near-Field Communication (NFC) technology, an extension of Radio Frequency Identification (RFID), is a standardized open platform technology allowing wireless transmission of data over short distances. The use of NFC technology in contactless mobile payment systems is gaining prominence. Incorporating RFID and NFC capabilities into mobile electronic devices may enable users to pay for purchases using their mobile devices (e.g., a cellular telephone, a mobile media player, a tablet computer, an Apple® iPhone®, an Apple® iPad®, a Google® Nexus S® cell phone, an HTC® Droid® mobile phone, etc.).
In NFC payment systems, the mobile electronic device may contain or have access to sensitive payment data (such as account information associated with a credit card, debit card, bank account, or a store account), which may be wirelessly transmitted to a merchant in order to pay for a purchase. A potential problem with wireless transmission of payment information may be data security. For example, RFID and NFC systems may not ensure secure transmission of confidential payment information and may offer no intrinsic protection from eavesdropping. Despite a range that may be limited to a few centimeters, a transmitted radio frequency signal may be intercepted by a nearby third party. Sensitive data, such as personal identity information or a credit card number, may therefore be misappropriated by an eavesdropper in close physical proximity. Furthermore, if the device containing the NFC capability is lost or stolen, the information stored locally on it or accessible by it (such as payment information) could be used by anyone who finds the device (e.g., to pay for unauthorized purchases).
A mobile electronic device may employ security measures to guard against unauthorized access to or use of sensitive information stored within it; however, a design of the mobile electronic device may make it problematic to implement simple and effective security protocols. For example, the mobile electronic device may utilize a touchscreen (e.g., a screen which can detect the location of touches in a display area) for user input, rather than a physical keypad. On some devices, a user may be able to access the device simply by performing a templated gesture (e.g., sliding an icon from left to right on the surface of a touchscreen). As a result, confidential payment information may be accessed or transmitted by anyone merely in physical possession of the mobile electronic device.
The user may be required to enter a user name and/or password to access or manipulate protected payment data on a mobile electronic device (e.g., to transmit protected payment data stored locally on the device to an NFC reader or initiator device), using a miniaturized keyboard and/or a virtual keypad on a touch-sensitive display screen. This process, however, may be slow, inconvenient, and/or cumbersome (e.g., a fingertip of the user may be of comparatively the same size as the area of a virtual keypad symbol, the mobile keypad may not have the same tactile feel as a physical keypad, etc.). A disabled user (e.g., a visually-impaired person, a user with limited dexterity, etc.) may have difficulty inputting payment information using virtual a keypad. It may be difficult for a user to remember multiple different multi-character pass codes, especially if they must be comprised of long combinations of capitalized and un-capitalized letters, numbers, and symbols (as is often required for financial accounts), and/or if they must be changed regularly. Furthermore, it may be cumbersome to sequentially enter a series of different alphanumeric user names and passwords in order to expediently access multiple sets of confidential payment data (e.g., the user may wish to choose different payment options for different transactions).
What is needed is a security method enabling a user of an NFC-equipped mobile electronic device to quickly and conveniently authorize wireless transmission of protected payment information stored locally within the mobile device to an NFC-capable reader for touchless payment.